VRDA Feed by JPCERT/CC
  Vulnerability Response Decision Assistance Feed : Information for vulnerability impact analysis
[ about VRDA Feed | JPCERT/CC



 
Vulnerability Analysis Result (Revision No : 1) [ Download XML
VRDA-100302-001
Vulnerability in VBScript Could Allow Remote Code Execution
http://www.microsoft.com/japan/technet/security/advisory/981169.mspx

Microsoft is investigating new public reports of a vulnerability in VBScript that is exposed on supported versions of Microsoft Windows 2000, Windows XP, and Windows Server 2003 through the use of Internet Explorer. Our investigation has shown that the vulnerability cannot be exploited on Windows 7, Windows Server 2008 R2, Windows Vista, or Windows Server 2008. The main impact of the vulnerability is remote code execution. We are not aware of attacks that try to use the reported vulnerabilities or of customer impact at this time.




About This Analysis Information
Analysis Information Provider:
 		JPCERT/CC
 		First Published:
 		2010-03-02
Source Information Category:
 		Advisory, Alert
 		Last Updated:
 		2010-03-02




Affected Product Tags
cpe:/o:microsoft:windows_2000     (Microsoft Windows 2000)
cpe:/o:microsoft:windows_2003_server     (Microsoft Windows Server 2003)
cpe:/o:microsoft:windows_xp     (Microsoft Windows XP)
 


Vulnerability Analysis Results
[Information Source Reliability] [?]
Low [?]

Medium [?]
X High [?]
[Impact Level] [?]
Low [?]

Low-Medium [?]
Medium-High [?]
X High [?]
[Access Required] [?]
Physical [?]

Local [?]
Non-routed [?]
X Routed [?]
[Authentication] [?]
Privileged [?]

Standard [?]
Limited [?]
X None or Unnecessary [?]
[User Interaction Required] [?]
Complex [?]

X Simple [?]
None [?]
[Technical Difficulty] [?]
High [?]

Medium-High [?]
Low-Medium [?]
Low [?]
[Availability of Remediation] [?]
Official Patch [?]

X Official Workaround [?]
Unofficial Patch [?]
None [?]
[Incident Activity] [?]
None [?]

X Exploit or PoC [?]
Activity Observed [?]
Alternatives




References
Common Vulnerabilities and Exposures (CVE) CVE-2010-0483




Copyright © 2010 JPCERT/CC All Rights Reserved.